From 6081f9fa73c94ad0f49c0fb4653412a0f1f6e851 Mon Sep 17 00:00:00 2001
From: Daniel Micay
Date: Tue, 26 Jul 2022 19:28:37 -0400
Subject: [PATCH] allow synapse to connect to nginx via loopback

For an unknown reason, synapse occasionally tries to connect to matrix.grapheneos.org which ends up being routed via the loopback interface. For now, allow this to avoid rejected packets.
---
 nftables-matrix.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nftables-matrix.conf b/nftables-matrix.conf
index 52376d3..5d6b87f 100644
--- a/nftables-matrix.conf
+++ b/nftables-matrix.conf
@@ -59,6 +59,7 @@ table inet filter {
  skuid http tcp sport 443 tcp dport >= 1024 tcp dport != 8008 accept
  skuid matterbridge tcp sport >= 1024 tcp dport != 8008 tcp dport 443 accept
+ skuid synapse tcp sport >= 1024 tcp dport != 8008 tcp dport 443 accept
  skuid != root counter goto output-reject
  accept
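Review bot: In the added `skuid synapse` rule, `tcp dport != 8008` can never affect the match because the same rule also requires `tcp dport 443`; it appears to be copied from the matterbridge line above, which has the same redundancy. If the intent was to mirror the `skuid http` reply rule and keep port 8008 out of the client side, the match was presumably meant to be `tcp sport != 8008`; otherwise the rule reduces to `skuid synapse tcp sport >= 1024 tcp dport 443 accept`. Because the commit message describes this as a temporary allowance for an unexplained connection, a comment such as `# temporary: synapse sometimes connects to its own public hostname via loopback, cause unknown` would record why the exception exists. Adding `counter` to the rule would show whether it is still hit, so it can be removed later. The enclosing chain starts and ends outside the hunk.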